Added additional check to know if /setPreferences endpoint is open. Also if XSS is not exploitable because of Adobe's patch, text injection/error spoofing is still a possibility. I added this to the log statement.
Added additional check to know if /setPreferences endpoint is open. Also if XSS is not exploitable because of Adobe's patch, text injection/error spoofing is still a possibility. I added this to the log statement.